From 56e3d4a72d21d8c5f78eeac96a7ba189dd370fb5 Mon Sep 17 00:00:00 2001
From: ahze <ahze@FreeBSD.org>
Date: Thu, 17 Mar 2005 07:32:33 +0000
Subject: - Add patch to fix buffer overflow vulnerability from CDDB server. -
 Bump PORTREVISION

PR:		ports/78928
Submitted by:	Esa Karkkainen <ejk@iki.fi>
---
 audio/grip/Makefile                |  2 +-
 audio/grip/files/patch-src::discdb | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 audio/grip/files/patch-src::discdb

(limited to 'audio')

diff --git a/audio/grip/Makefile b/audio/grip/Makefile
index e72afee63ebc..d4f0dfd25b93 100644
--- a/audio/grip/Makefile
+++ b/audio/grip/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	grip
 PORTVERSION=	3.2.0
-PORTREVISION=	6
+PORTREVISION=	7
 CATEGORIES=	audio
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE_EXTENDED}
 MASTER_SITE_SUBDIR=	${PORTNAME}
diff --git a/audio/grip/files/patch-src::discdb b/audio/grip/files/patch-src::discdb
new file mode 100644
index 000000000000..1d300b270f0e
--- /dev/null
+++ b/audio/grip/files/patch-src::discdb
@@ -0,0 +1,20 @@
+--- src/discdb.c.orig	Thu Apr 15 21:23:37 2004
++++ src/discdb.c	Wed Mar 16 19:02:09 2005
+@@ -311,7 +311,7 @@
+     query->query_match=MATCH_EXACT;
+     query->query_matches=0;
+ 
+-    while((inbuffer=DiscDBReadLine(&dataptr))) {
++    while(query->query_matches < MAX_INEXACT_MATCHES && (inbuffer=DiscDBReadLine(&dataptr))) {
+       query->query_list[query->query_matches].list_genre=
+ 	DiscDBGenreValue(g_strstrip(strtok(inbuffer," ")));
+       
+@@ -331,7 +331,7 @@
+     query->query_match=MATCH_INEXACT;
+     query->query_matches=0;
+ 
+-    while((inbuffer=DiscDBReadLine(&dataptr))) {
++    while(query->query_matches < MAX_INEXACT_MATCHES && (inbuffer=DiscDBReadLine(&dataptr))) {
+       query->query_list[query->query_matches].list_genre=
+ 	DiscDBGenreValue(g_strstrip(strtok(inbuffer," ")));
+       
-- 
cgit